Context Compactor

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but users should review it because it can automatically send prior conversation history to whichever LLM runtime is configured, despite local-only privacy language.

Review this before installing if OpenClaw sessions may contain sensitive prompts, code, credentials, or personal data. Configure it so summarization only runs on local models you trust, keep the generated config backup secure, and do not rely on compacted summaries for high-stakes instructions without checking the original conversation.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The skill automatically summarizes and replaces older in-session context, which can silently alter, omit, or flatten important prior instructions, user constraints, or safety-relevant details. In an agent setting, this can lead to integrity issues: the model may act on an incomplete or distorted conversation state without the user realizing compaction occurred.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The plugin forwards prior conversation contents to a summarization model without explicit user disclosure or consent controls. In this skill context, conversations may contain sensitive prompts, credentials, proprietary code, or personal data, so using a separate summarization model can expand the data exposure boundary beyond what the user expects.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal